We have just set up a two-way trust with a remote domain. I can add individual users to groups and assign permissions, but I can't add groups like 'domain users'. It's very odd behaviour. I can put type the group, like UNDPPC\domain users in the people-picker and if I hit OK I get an error:"The user does not exist or is not unique." If I check the name before I hit OK it finds and underlines the name ok, but if I check again it's not found.

I found this in the ULS: Error in resolving user 's-1-5-21-20162213-2513311543-3581706507-513' : System.Runtime.InteropServices.COMException (0x8007203A): The server is not operational. at System.DirectoryServices.DirectoryEntry.Bind(Boolean throwIfFail) at System.DirectoryServices.DirectoryEntry.Bind() at System.DirectoryServices.DirectoryEntry.get_AdsObject() at System.DirectoryServices.DirectorySearcher.FindAll(Boolean findMoreThanOne) etc., etc.
–
DanAug 3 '11 at 9:00

Did you ever find the answer to this question? Thanks
–
user8584May 29 '12 at 20:21